Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSchHVP3fr0rIQkQDIg5xPcSDw0.roa
File: pSchHVP3fr0rIQkQDIg5xPcSDw0.roa (raw, json)
Hash identifier: /9kXMeevfxfhDuAYV3+JA7tvLBBv9Iu4FVXbDB8PwX4=
Subject key identifier: A5:27:21:1D:53:F7:7E:BD:2B:21:09:10:0C:88:39:C4:F7:12:0F:0D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8FEE8E1ED92FD6599E2EF8663E489666
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSchHVP3fr0rIQkQDIg5xPcSDw0.roa
Signing time: Wed 13 Sep 2023 19:04:50 +0000
ROA not before: Wed 13 Sep 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:8fee:181/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8f:ee:8e:1e:d9:2f:d6:59:9e:2e:f8:66:3e:48:96:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a527211d53f77ebd2b2109100c8839c4f7120f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b9:7f:bd:42:be:84:a9:00:38:77:18:11:6b:
98:4b:1e:16:7c:b7:a2:71:be:39:4a:d4:5c:c4:a1:
2d:cb:bc:76:6c:41:56:73:00:2c:6d:fa:fc:44:fe:
b8:c9:50:b4:cd:1b:34:24:9c:15:14:6f:3b:d9:6f:
f2:de:2c:13:2b:1d:e3:80:78:f0:7d:84:92:a3:e0:
a9:67:8e:96:50:60:ac:04:26:e6:9c:db:17:3a:11:
08:84:b4:13:55:58:6d:d5:4e:36:c1:fd:ad:86:c9:
10:74:4d:f2:25:80:d9:e9:94:1b:c9:dd:e3:bf:27:
0e:e1:8a:65:4b:eb:df:1f:cd:a9:93:36:f5:aa:ff:
7f:9c:00:a3:cc:53:77:5b:dd:1d:44:34:ea:04:8b:
df:67:f6:82:e0:43:47:83:07:52:85:50:23:1d:5b:
af:c6:96:3d:c3:c3:97:12:00:6a:81:05:41:43:5e:
91:ce:2d:33:77:62:ad:6b:50:47:5a:94:f3:10:50:
e5:de:d5:e3:28:e8:86:fc:db:68:e4:67:c9:f5:ae:
19:67:0a:74:1e:27:9b:c9:c4:5d:e9:1f:73:b6:58:
99:c7:3d:21:b1:b8:49:15:75:36:c0:3f:d1:4e:a3:
a4:5d:56:ff:03:c1:38:ab:36:8e:73:2c:36:6c:0d:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:27:21:1D:53:F7:7E:BD:2B:21:09:10:0C:88:39:C4:F7:12:0F:0D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSchHVP3fr0rIQkQDIg5xPcSDw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:2c:1a:b1:3b:2f:c1:8e:3b:e3:b1:68:86:52:c3:bf:a2:45:
98:07:34:5d:64:ab:ac:d0:ca:2a:22:44:9f:33:71:e0:ea:3e:
15:51:4a:bd:5a:7e:97:c7:cc:84:ae:31:2d:42:39:55:91:89:
58:f3:ea:7b:b8:3d:70:28:8d:a3:47:97:88:b2:3c:03:54:fb:
8a:7e:c4:2a:f6:ba:a7:3c:8e:2d:19:db:34:ba:d4:f5:1f:4d:
45:22:a7:bc:28:fd:26:3b:d8:7e:b0:9b:69:ce:63:71:15:34:
24:55:8a:47:20:ae:c2:5d:fc:29:ed:b9:70:1b:95:07:3b:e2:
06:d2:c1:8f:c1:37:9a:ac:e4:d5:4b:bf:3a:67:fb:90:05:42:
f2:83:94:69:bc:bd:a7:10:41:b5:dc:ba:9f:42:43:fa:1e:3d:
0b:aa:fb:19:04:06:5a:bb:d5:9a:81:c0:8b:8c:29:65:bf:ce:
80:14:fb:45:5a:47:f4:e8:a2:6d:15:e8:9f:62:82:b3:a6:ff:
16:d7:a2:ea:86:18:ec:1c:04:99:e6:72:f1:2e:cf:26:6a:d2:
7b:59:7e:01:a1:c3:61:58:ec:cd:d8:4a:00:9e:4b:87:30:12:
8f:ac:26:ef:6c:5d:20:1c:30:06:33:41:9f:3f:12:f7:d2:81:
3f:cd:d8:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqP7o4e2S/WWZ4u+GY+SJZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI3MjExZDUzZjc3ZWJkMmIyMTA5MTAwYzg4MzljNGY3MTIwZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLl/vUK+hKkAOHcYEWuYSx4WfLei
cb45StRcxKEty7x2bEFWcwAsbfr8RP64yVC0zRs0JJwVFG872W/y3iwTKx3jgHjw
fYSSo+CpZ46WUGCsBCbmnNsXOhEIhLQTVVht1U42wf2thskQdE3yJYDZ6ZQbyd3j
vycO4YplS+vfH82pkzb1qv9/nACjzFN3W90dRDTqBIvfZ/aC4ENHgwdShVAjHVuv
xpY9w8OXEgBqgQVBQ16Rzi0zd2Kta1BHWpTzEFDl3tXjKOiG/Nto5GfJ9a4ZZwp0
HiebycRd6R9ztliZxz0hsbhJFXU2wD/RTqOkXVb/A8E4qzaOcyw2bA2wZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKUnIR1T9369KyEJEAyIOcT3Eg8NMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcFNjaEhWUDNmcjBySVFrUURJZzV4UGNTRHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIcsGrE7L8GOO+OxaIZS
w7+iRZgHNF1kq6zQyioiRJ8zceDqPhVRSr1afpfHzISuMS1COVWRiVjz6nu4PXAo
jaNHl4iyPANU+4p+xCr2uqc8ji0Z2zS61PUfTUUip7wo/SY72H6wm2nOY3EVNCRV
ikcgrsJd/CntuXAblQc74gbSwY/BN5qs5NVLvzpn+5AFQvKDlGm8vacQQbXcup9C
Q/oePQuq+xkEBlq71ZqBwIuMKWW/zoAU+0VaR/Toom0V6J9igrOm/xbXouqGGOwc
BJnmcvEuzyZq0ntZfgGhw2FY7M3YSgCeS4cwEo+sJu9sXSAcMAYzQZ8/EvfSgT/N
2G4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:55:59 2025 by rpki-client